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DETAILED ACTION 
Status of Claims 

1. This action is in reply to the U.S. Application 1071 1735 filed on 09/30/2004. 

2. Claims 1-34 are currently pending and have been examined. 

Information Disclosure Statement 

3. The Information Disclosure Statements filed on 12/06/2004, 05/18/2006 and 04/15/2008 have 
been considered. Initialed copies of the Form 1449 are enclosed herewith. 

4. Examiner's Note: The Examiner has pointed out particular references contained in the prior art 
of record within the body of this action for the convenience of the Applicant. Although the 
specified citations are representative of the teachings in the art and are applied to the specific 
limitations within the individual claim, other passages and figures may apply. Applicant, in 
preparing the response, should consider fully the entire reference as potentially teaching all or 
part of the claimed invention, as well as the context of the passage as taught by the prior art or 
disclosed by the Examiner. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 



Application/Control Number: 10/711,735 Page 3 

Art Unit: 4114 

6. Claim 2-25 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for failing to 
particularly point out and distinctly claim the subject matter which applicant regards as the 
invention. 

Claims 2-25 recite the limitations step (a), step (b) and step (c). However, there are no such 
limitations defined in claim 1. 

Claims 13, 20, 25, and 31 recite the limitation substantially. The use of such a limitation in 
dependent claims is vague and indefinite because the term is relative. 

Claims 26 recites the limitations mechanism, engine and operating system interface. There is no 
sufficient definition as to what they are. For purposes of this examination, the examiner will 
interpret them as being computer program modules or software per se. 

7. 

Claim Rejections - 35 USC §101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

8. Claims 1-25 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non- 
statutory subject matter. 

Claims 1-25 are directed to a method. However, the recited steps of the method are held to be 
non-statutory subject matter because the recited steps of the method are (1) not tied to another 
statutory class (such as a particular apparatus) or (2) not transforming the underlying subject 
matter (such as an article or materials ) to a different state or thing. 

Claims 26-34 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non- 
statutory subject matter. 

Claims 26-34 are directed to an apparatus. However, the recited components of the apparatus 
appear to lack the necessary physical components (hardware) to constitute a machine or 
manufacture under § 101. Therefore, these claim limitations can be reasonably interpreted as 
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computer program modules or software per se. The claims are directed to functional descriptive 
material per se and hence non-statutory. 

The claims constitute computer programs representing computer listings per se. Such 
descriptions or expressions of the programs are not physical "things". They are neither computer 
components nor statutory processes, as they are not "acts" being performed. Such claimed 
computer programs do not define any structural and functional interrelationships between the 
computer program and other claimed elements of a computer, which permit the computer 
program's functionality to be realized. In contrast, a claimed computer-readable medium 
encoded with a computer program is a computer element, which defines structural and functional 
interrelationships between the computer program and the rest of the computer, that permits the 
computer program's functionality to be realized, and is thus statutory. See Lowry, 32 F.3d at 
1583-84,32 USPQ2d at 1035 

Claim Rejections - 35 USC §103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), 
that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness or 
nonobviousness. 

11. Claim 1, 6, 14-16, 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey et 
al. (US 7,203,941 B2) in view of Gainer et al. (US 6,321 ,219 B1 ). 
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Claim 1 

Demsey discloses the following limitations: 

• receiving a request to access a system object from a process executing in the context of 
a user isolation scope, the request including a virtual name for the system object; (see at 
least col. 7, lines 15-21 and Fig.3, step 302 and Fig. 2) where Demsey discloses 
receiving a request to access a native resource that may contain system objects as 
shown in figure 2. 

• determining a rule associated with the request; (see at least col. 7, lines 32-36, 44-62 and 
Fig.3, steps 305 and 306) where Demsey discloses determining access and availability 
of resources. 

• forming a literal name for the system object in response to the determined rule; (see at 
least col. 7, lines 15-21 and Fig.3, step 310 and Fig. 2) where Obj (i) assigns a Name 
and address for requested native resources, and 

• issuing to the operating system a request to access the system object, the request 
including the literal name for the system object, (see at least col. 8, lines 5-15 and Fig.3, 
steps 312-314) 

Demsey does not specifically disclose system object. However, Gainer in at least Fig. 5 discloses 
specifically receiving a request to access an object. It would have been obvious to one of ordinary 
skill in the art at the time of the invention to modify "Associating a native resource with an 
application" of Demsey to include receiving a request for system objects of Gainer because it 
would have allow the practitioner to modify the access to Native Resources to include access to 
system objects. 

Claim 6 

The combination Demsey/Gainer disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations a group consisting of ignore, redirect and 
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isolate, is associated with the request. However, Gainer discloses "Some conventional servers 
also include a capability for redirecting queries to other programs, such as to file indexer 344" 
(see at least col. 7, lines 40-42). It would have been obvious to one of ordinary skill in the art to 
combine the mechanism for determining a rule of Demsey with the technique of redirecting of 
Gainer because it would have allowed the practitioner to include rule actions such as Gainer's to 
achieve desired requirements. 

Claim 14 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Furthermore, Demsey discloses the limitation further comprising the step of receiving a handle 
from the operating system identifying the accessed object (see at least fig. 3 steps 310-312 and 
related text). 

Claim 15 

The combination Demsey/Gainer disclose as shown in the rejections above. Furthermore, 
Demsey discloses the limitation further comprising the step of transmitting the handle to the 
process (see at least fig. 3 steps 312, 314, 302 and related text). 

Claim 16 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Furthermore, Demsey discloses further comprising the step of receiving a request to access the 
system object from a second process executing in the context of a second user isolation scope, 
the request including the virtual name for the object (see at least fig. 1-3 and col. 10, lines 10-15). 
Where in Fig. 3 Demsey discloses receiving a request from a process to access a native resource 
while in Fig. 2 the Native Resource Table Handle discloses object name handles for plurality of 
application processes. Additionally in col. 10, lines 10-15 Demsey discloses the intension to allow 
one or more users to have access to such native resources/objects. Therefore, Demsey discloses 
a second or third user requesting access to a native resource or object. 
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Claim 21 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Furthermore, Demsey discloses the limitation further comprising the step of receiving a request to 
access the system object from a second process executing in the context of the user isolation 
scope, the request including the virtual name for the object (see at least fig. 1-3 and col. 10, lines 
10-15). Where in Fig. 3 Demsey discloses receiving a request from a process to access a native 
resource while in Fig. 2 the Native Resource Table Handle discloses object name handles for 
plurality of application processes. Additionally in col. 10, lines 10-15 Demsey discloses the 
intension to allow one or more users to have access to such native resources/objects. Therefore, 
Demsey discloses a second or third user requesting access to a native resource or object. 



12. Claims 8-10, 13, 17-20, 22-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Demsey in view of Gainer and Official Notice. 
Claim 8 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer does not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific. However the examiner takes Official Notice that the technique of 
forming scope specific literal names for system objects, files or components is well known in the 
computing arts. It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle Tables" 
(see at least fig. 1-2 and related text) of Demsey to include a mechanism for forming scope 
specific literal names of objects because it would have applied its advantages in distinguishing 
such a object of an isolation environment. 

Claim 9 
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The combination Demsey/Gainer disclose the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c)comprises 
forming a literal name for the system object using the virtual name provided in the request and a 
scope-specific identifier, the scope-specific identifier associated with an application isolation 
scope with which the process making the request is associated. However the examiner takes 
Official Notice that the technique of defining a scope specific identifier when forming literal names 
for system objects, files and components is well known in the computing arts. It would have been 
obvious to one of ordinary skill in the art at the time of invention to modify the "Virtual Machine 
Execution Engine" and "Native Resource Handle Tables" (see at least fig. 1-3 and related text) of 
Demsey to include a scope specific identifier for literal names of objects because it would have 
applied its advantages in distinguishing such a object of an isolation environment. 

Claim 10 

The combination Demsey/Gainer disclose the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier, the scope-specific identifier associated with the user 
isolation scope in which the process making the request executes. However the examiner takes 
Official Notice that the technique of defining a scope specific identifier when forming literal names 
for system objects. It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle Tables" 
(see at least fig. 1-2 and related text) of Demsey to include a scope specific identifier associated 
with a user isolation scope because it would have applied its advantages in distinguishing such a 
object of an isolation environment. 

Claim 13 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
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comprises forming a literal name for the system object that is substantially identical to the virtual 
name provided in the request. However the examiner takes Official Notice that the technique of 
forming scope specific literal names for system objects, files or components is well known in the 
computing arts. It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle Tables" 
(see at least fig. 1-2 and related text) of Demsey to include a mechanism for forming scope 
specific literal names of objects because it would have applied its advantages in distinguishing 
such a object of an isolation environment. 

Claim 17 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier However the examiner takes Official Notice that the 
technique of forming scope specific literal names for system objects, files or components is well 
known in the computing arts. It would have been obvious to one of ordinary skill in the art at the 
time of invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle 
Tables" (see at least fig. 1-2 and related text) of Demsey to include a mechanism for forming 
scope specific literal names of objects because it would have applied its advantages in 
distinguishing such a object of an isolation environment. 

Claim 18 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier, the scope-specific identifier associated with an application 
isolation scope with which the process making the request is associated (see at least fig. 1-3 and 
related text). However the examiner takes Official Notice that the technique of defining a scope 
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specific identifier when forming literal names for system objects, files and components is a well 
known in the computing arts. It would have been obvious to one of ordinary skill in the art at the 
time of invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle 
Tables" (see at least fig. 1-2 and related text) of Demsey to include a scope specific identifier for 
literal names of objects associated to processes making a request because it would have applied 
its advantages in distinguishing such object of an isolation environment. 

Claim 19 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier, the scope-specific identifier associated with the second 
user isolation scope in which the process making the request executes. However the examiner 
takes Official Notice that the technique of defining a scope specific identifier when forming literal 
names for system objects, files and components is a well known in the computing arts. It would 
have been obvious to one of ordinary skill in the art at the time of invention to modify the "Virtual 
Machine Execution Engine" and "Native Resource Handle Tables" (see at least fig. 1-2 and 
related text) of Demsey to include a scope specific identifier associated with a second user 
because it would have applied its advantages in distinguishing such a object in a user isolation 
environment. 

Claim 20 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object that is substantially identical to the virtual 
name provided in the request. However the examiner takes Official Notice that the technique of 
forming scope specific literal names for system objects, files or components is well known in the 
computing arts. It would have been obvious to one of ordinary skill in the art at the time of 
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invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle Tables" 
(see at least fig. 1 and 2 and related text) of Demsey to include a mechanism for forming scope 
specific literal names of objects because it would have applied its advantages in distinguishing 
such a object of an isolation environment. 

Claim 22 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier. However the examiner takes Official Notice that the 
technique of forming scope specific literal names for system objects, files or components is well 
known in the computing arts. It would have been obvious to one of ordinary skill in the art at the 
time of invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle 
Tables" (see at least fig. 1-2 and related text) of Demsey to include a mechanism for forming 
scope specific literal names of objects because it would have applied its advantages in 
distinguishing such a object of an isolation environment. 

Claim 23 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier, the scope-specific identifier associated with an application 
isolation scope with which the second process making the request is associated. However the 
examiner takes Official Notice that the technique of defining a scope specific identifier when 
forming literal names for system objects is well known in the computing arts. It would have been 
obvious to one of ordinary skill in the art at the time of invention to modify the "Virtual Machine 
Execution Engine" and "Native Resource Handle Tables" (see at least fig. 1-2 and related text) of 
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Demsey to include a scope specific identifier associated to processes making a request because 
it would have applied its advantages in distinguishing such object of an isolation environment. 

Claim 24 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object using the virtual name provided in the 
request and a scope-specific identifier, the scope-specific identifier associated with the user 
isolation scope in which the second process making the request executes. However the examiner 
takes Official Notice that the technique of defining a scope specific identifier when forming literal 
names for system objects, files and components is well known in the computing arts. It would 
have been obvious to one of ordinary skill in the art at the time of invention to modify the "Virtual 
Machine Execution Engine" and "Native Resource Handle Tables" (see at least fig. 1-2 and 
related text) of Demsey to include a scope specific identifier associated with a second user 
because it would have applied its advantages in distinguishing such a object in a user isolation 
environment. 

Claim 25 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. The 
combination Demsey/Gainer do not specifically disclose the limitations wherein step (c) 
comprises forming a literal name for the system object that is substantially identical to the virtual 
name provided in the request (see at least col. 6, lines 42-51 , fig. 2 and 3). The Native Resources 
Handle Table shows assigning names to system objects associated to an application which 
maybe identical to the virtual name provide in the request. However the examiner takes Official 
Notice that the technique of forming scope specific literal names for system objects, files or 
components is well known in the computing arts. It would have been obvious to one of ordinary 
skill in the art at the time of invention to modify the "Virtual Machine Execution Engine" and 
"Native Resource Handle Tables" of Demsey to include a mechanism for forming scope specific 
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literal names of objects because it would have applied its advantages in distinguishing such a 
object of an isolation environment. 

13. Claims 2 and 5 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Gainer 
and further in view of Wilner et al. (US 7,213,247 B1 ). 
Claim 2 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Further, Demsey discloses "Native resource tracking mechanism tables (hereinafter, "handle 
tables") for associating various different native resources with a specific application are provided" 
which is an application object name mapping mechanism (see at least col. 3, lines 47-56 and 
Fig. 2). Demsey does not specifically disclose the limitation group consisting of a semaphore, a 
mutex, a mutant, a timer, an event, a job object, a file-mapping object, a section, a named pipe, 
and a mailslot, the request including a virtual name for the system object. However, Wilner 
discloses "Such system objects 125 may include semaphores, message queues, and watchdog 
timers (as are well known), as well as other protection domains" (see at least col. 9, lines 28-31). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to 
combine Demsey's native resources handle table with the system objects of Wilner because It 
would have allow the practitioner to include such system objects to facilitate effective 
communication of components. 

Claim 5 

The combination of Demsey/Gainer discloses the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations "wherein step (a) comprises receiving a 
request from a process executing in the context of a user isolation scope to create a system 
object, the request including a virtual name for the system object. However, Wilner does "... when 
a particular function and/or data structure (defined by a "class" definition) is requested, the 
operating system creates ("instantiates") an "object" that uses executable code and/or data 
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structure definitions specified in the class definition. Such objects thus may contain executable 
code, data structures ..." (see least col. 1, lines 16-25). It would have been obvious to one of 
ordinary skill in the art at the time of the invention to combine receiving a request for a native 
resource or object of Demsey/Gainer with Wilner's technique for creating a system object 
because It would have allowed creating a system object. 



14. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Gainer and 
further in view of Boyd et al. "Process Migration: A generalized Approach Using a Virtualizing 
Operating System", ICDCS'02. 
Claim 3 

The combination of Demsey/Gainer discloses the limitations as shown in the rejections above. 
Further, Demsey implicitly discloses the limitation the request including a virtual name for the 
system object (see at least Fig. 2 and 3). Demsey does not specifically disclose the limitation 
wherein step (a) comprises intercepting a request to access a system object from a process 
executing in the context of a user isolation scope. However, Boyd discloses "The virtualization 
mechanism depends upon API interception methodology. The APIs of an application are typically 
serviced by library routines. Library routines are connected to the application using a layer of 
indirection. This layer of indirection presents an opportunity to capture and modulate the API call 
through the implementation of a system which captures and restores state information" (see at 
least section 1 Introduction par. 4 and section 2.1 Architecture). It would have been obvious to 
one of ordinary skill in the art at the time of the invention to combine Demsey/Gainer with the API 
interception methodology of Boyd because It would have allow the practitioner to implement a 
mechanism to intercept a system object from a process executing. 
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15. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Gainer ad further 
in view of Bendert et al. (US 5,668,958 A). 

Claim 4 

The combination of Demsey/Gainer discloses the limitations as shown in the rejections above. In 
regards to the limitations wherein step (a) comprises receiving a request from a process 
executing in the context of a user isolation scope to open a system object, the request including a 
virtual name for the system object. Demsey teaches implicitly in at least in fig. 2-3 but does not 
specifically disclose. However, Bendert does in at least Figure 8(a) and (b). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine Demsey/Gainer 
with "Heterogeneous filing system with common API and reconciled file management rules" 
because It would have allow the practitioner to implement a mechanism to access a system 
object. 

16. Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Gainer and 
further in view of Chaudhuri et al. (US PGP 20050192921 A1 ). 

Claim 7 

The combination of Demsey/Gainer disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations further comprising a rules engine storing a 
rule associated with the request. Chaudhuri, however discloses ECA Rule Engine 140 and a 
Database 55 (see at least Fig. 1). It would have been obvious to one of ordinary skill in the art at 
the time of the invention to modify Demsey/Gainer to include Chaudhuri's Rule Engine and 
Database because it would have provided the ability to define, classify, register and manage rules 
efficiently of such system. 

17. Claim 1 1 and 12 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Gainer 
and further in view of Cummings et al. (US 6,023,721 A) 

Claim 11 
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The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations wherein step (c) further comprises the step 
of forming a literal name for the system object identifying the system object as having global 
visibility. However, Cummings discloses "...executing in a multi-user environment to create and 
modify system objects, some of which have system global visibility and some of which have only 
user global visibility, begins by intercepting an API call to create or modify a named resource 
(step 302). A set of rules associated with the application making the API call is accessed (step 
304)." (see at least col. 4, lines 21-32 and fig. 3). It would have been obvious to one of ordinary 
skill in the art at the time of the invention to combine Demsey/Gainer with the "Method and 
system for allowing a single-user application executing in a multi-user environment to create 
objects having both user-global and system global visibility" of Cummings because it would allow 
the practitioner to implement systems objects names with global visibility. 

Claim 12 

The combination Demsey/Gainer discloses the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations wherein step (c) further comprises the step 
of forming a literal name for the system object identifying the system object as having session 
visibility. However, Cummings discloses "...executing in a multi-user environment to create and 
modify system objects, some of which have system global visibility and some of which have only 
user global visibility, begins by intercepting an API call to create or modify a named resource 
(step 302). A set of rules associated with the application making the API call is accessed (step 
304)." (see at least col. 4, lines 21-32 and fig. 3). It would have been obvious to one of ordinary 
skill in the art at the time of the invention to combine Demsey/Gainer with the user-global visibility 
(see at least col. 4, lines 6-14) of Cummings because it would allow the practitioner to implement 
systems objects names with global and session visibility. 



Application/Control Number: 10/711,735 Page 17 

Art Unit: 4114 

18. Claim 26, 27, 31-34 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey in 
view of Boyd. 
Claim 26 

An apparatus for virtualizing access to named system objects comprising: 
Demsey discloses the limitations as shown in the rejections above. 

• an operating system interface requesting access to the system object using the literal 
name, (see at least Fig. 1, 3 and related text) Discloses an Operating System interfacing 
with a Virtual Machine Execution Engine and a Native Resource Handle Tables. 

• a name visualization engine forming a literal name for the system object (see at least 
Fig. 1-3 and related text). 

• receiving a request to access a system object from a process executing in the context of 
a user isolation scope, the request including a virtual name for the system object (see at 
least col. 7, lines 15-21 and Fig.3, step 302 and Fig. 2). 

Demsey does not specifically disclose the limitation a hooking mechanism. However, Boyd 
disclose in at least section 2.2 paragraph 3 "The vEX uses the vIN to initiate process data from 
the workstation application. The vIN is a software module that is injected into a newly launched 
application. Once injected, it monitors the host application by intercepting its API calls to the 
underlying libraries". It would have been obvious to one of ordinary skill in the art at the time of 
the invention to combine Demsey with Boyd's virtualizing Executive vEX and the virtualizing 
Interceptor vIN because it would have provided a way to intercept access to the operating system 
objects without altering its original content. 

Claim 27 

The combination of Demsey/Boyd disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitation wherein the hooking mechanism intercepts a 
request to open a system object. However, Boyd further discloses "The virtualization mechanism 
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depends upon API interception methodology. The APIs of an application are typically serviced by 
library routines. Library routines are connected to the application using a layer of indirection. This 
layer of indirection presents an opportunity to capture and modulate the API call through the 
implementation of a system which captures and restores state information" (see at least section 1 
Introduction par. 4 and section 2.1 Architecture). It would have been obvious to one of ordinary 
skill in the art at the time of the invention to modify Demsey and implement the technique of 
Boyd's virtualizing Executive vEX and the virtualizing Interceptor vIN because It would have allow 
to intercept a request before opening a system object. 



19. Claim 26, 27, 31-34 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey in 
view of Boyd and Official Notice. 
Claim 31 

The combination Demsey/Boyd disclose the limitations as shown in the rejections above. The 
combination Demsey/Boyd do not specifically disclose the limitation wherein the name 
virtualization engine forms a literal name for the system object that is substantially identical to the 
virtual name. However the examiner takes Official Notice that the technique of forming scope 
specific literal names for system objects, files or components is well known in the computing arts. 
It would have been obvious to one of ordinary skill in the art at the time of invention to modify the 
"Virtual Machine Execution Engine" and "Native Resource Handle Tables" (see at least fig. 1-2 
and related text) of Demsey to include a mechanism for forming scope specific literal names of 
objects because it would have applied its advantages in distinguishing such a object of an 
isolation environment. 

Claim 32 

The combination Demsey/Boyd disclose the limitations as shown in the rejections above. The 
combination Demsey/Boyd do not specifically disclose the limitation wherein the name 
virtualization engine forms a literal name for the system object using the virtual name and a 
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scope-specific identifier. However the examiner takes Official Notice that the technique of forming 
scope specific literal names for system objects, files or components is well known in the 
computing arts. It would have been obvious to one of ordinary skill in the art at the time of 
invention to modify the "Virtual Machine Execution Engine" and "Native Resource Handle Tables" 
(see at least fig. 1-2 and related text) of Demsey to include a mechanism for forming scope 
specific literal names of objects because it would have applied its advantages in distinguishing 
such a object of an isolation environment. 

Claim 33 

The combination Demsey/Boyd disclose the limitations as shown in the rejections above. The 
combination Demsey/Boyd do not specifically disclose the limitation wherein the scope-specific 
identifier is associated with an application isolation scope with which the process making the 
request is associated However the examiner takes Official Notice that the technique of defining a 
scope specific identifier when forming literal names for system objects, files and components is a 
well known in the computing arts. It would have been obvious to one of ordinary skill in the art at 
the time of invention to modify the "Virtual Machine Execution Engine" and "Native Resource 
Handle Tables" (see at least fig. 1-3 and related text) of Demsey to include a scope specific 
identifier for literal names of objects because it would have applied its advantages in 
distinguishing such a object of an isolation environment. 

Claim 34 

The combination Demsey/Boyd disclose the limitations as shown in the rejections above. The 
combination Demsey/Boyd do not specifically disclose the limitation wherein the scope-specific 
identifier is associated with the user isolation scope in which the process making the request 
executes. However the examiner takes Official Notice that the technique of defining a scope 
specific identifier when forming literal names for system objects. It would have been obvious to 
one of ordinary skill in the art at the time of invention to modify the "Virtual Machine Execution 
Engine" and "Native Resource Handle Tables" (see at least fig. 1-2 and related text) of Demsey to 
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include a scope specific identifier associated with a user isolation scope because it would have 
applied its advantages in distinguishing such a object of an isolation environment. 



20. Claim 28 is rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Boyd and 
further in view of Wilner. 
Claim 28 

The combination of Demsey/Boyd disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations wherein the hooking mechanism intercepts 
a request to create a system object. However, Wilner does "when a particular function and/or 
data structure (defined by a "class" definition) is requested, the operating system creates 
("instantiates") an "object" that uses executable code and/or data structure definitions specified in 
the class definition. Such objects thus may contain executable code, data structures ..." (see 
least col. 1, lines 16-25). It would have been obvious to one of ordinary skill in the art at the time 
of the invention to combine Demsey/Boyd and Wilner's technique for creating objects because It 
would have applied its advantages in creating a system object. 



21. Claim 29 and 30 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demsey/Boyd 
in view of Chaudhuri. 
Claim 29 

The combination of Demsey/Boyd disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitations further comprising a rules engine storing a 
rule associated with the request. Chaudhuri, however discloses ECA Rule Engine 140 and a 
Database 55 (see at least Fig. 1 ). It would have been obvious to one of ordinary skill in the art at 
the time of the invention to modify Demsey/Boyd to include Chaudhuri's Rule Engine and 
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Database because it would have provided the ability to define, classify, register and manage rules 
efficiently of such system. 

Claim 30 

The combination of Demsey/Boyd disclose the limitations as shown in the rejections above. 
Demsey does not specifically disclose the limitation wherein the rules engine comprises a 
database. Chaudhuri, however discloses ECA Rule Engine 140 and a Database 55 (see at least 
Fig. 1). It would have been obvious to one of ordinary skill in the art at the time of the invention to 
modify Demsey/Boyd to include Chaudhuri's Rule Engine and Database because it would have 
allow such a system to store rules associated with a request. 

Any inquiry of a general nature or relating to the status of this application or concerning 
this communication or earlier communications from the Examiner should be directed to Willy W. 
Huaracha whose telephone number is 571.270.5510. The Examiner can normally be reached on 
Monday-Friday, 9:30am-5:00pm. If attempts to reach the examiner by telephone are 
unsuccessful, the Examiner's supervisor, JAMES A. REAGAN can be reached at 
571.272.6710. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR system, 
see http://portai.uspto.gov/extemal/portai/pair . Should you have questions on access to the 
Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, D.C. 20231 

or faxed to 571-273-8300. 
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Hand delivered responses should be brought to the United States Patent and 
Trademark Office Customer Service Window: 

Randolph Building 
401 Dulany Street 
Alexandria, VA 22314. 

/WILLY WHUARACHA/ 
Date: 12/15/2008 
Examiner, Art Unit 4114 
/James A. Reagan/ 

Supervisory Patent Examiner, Art Unit 4114 



